Bug 2171252 (CVE-2022-33196) - CVE-2022-33196 kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations
Summary: CVE-2022-33196 kernel: Intel firmware update for Incorrect default permission...
Status: NEW
Alias: CVE-2022-33196
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nobody
QA Contact:
Depends On: 2171253 2171254 2171255 2171256 2171257 2171258 2171259 2171260 2171261 2171262 2171263 2171264
Blocks: 2169989
TreeView+ depends on / blocked
Reported: 2023-02-19 12:03 UTC by Alex
Modified: 2024-02-07 13:39 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access.
Clone Of:
Last Closed:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:5209 0 None None None 2023-09-19 01:08:47 UTC

Description Alex 2023-02-19 12:03:13 UTC
A potential security vulnerability in some Intel(R) Xeon(R) Processors with Intel(R) Software Guard Extensions (SGX) may allow escalation of privilege.  Intel is releasing firmware updates to mitigate this potential vulnerability.


Comment 1 Alex 2023-02-19 12:03:31 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2171253]

Comment 4 Justin M. Forbes 2023-03-01 19:45:50 UTC
Not sure why there are kernel bugs for these, it seems all mitigation is in microcode with would be microcode_ctl updates.

Comment 7 errata-xmlrpc 2023-09-19 01:08:45 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Via RHSA-2023:5209 https://access.redhat.com/errata/RHSA-2023:5209

Note You need to log in before you can comment on or make changes to this bug.